#17007: fixed stacy voice

## Summary Describe the problem and fix in 2–5 bullets: - Problem: - Why it matters: - What changed: - What did NOT change (scope boundary): ## Change Type (select all) - [ ] Bug fix - [ ] Feature - [ ] Refactor - [ ] Docs - [ ] Security hardening - [ ] Chore/infra ## Scope (select all touched areas) - [ ] Gateway / orchestration - [ ] Skills / tool execution - [ ] Auth / tokens - [ ] Memory / storage - [ ] Integrations - [ ] API / contracts - [ ] UI / DX - [ ] CI/CD / infra ## Linked Issue/PR - Closes # - Related # ## User-visible / Behavior Changes List user-visible changes (including defaults/config). If none, write `None`. ## Security Impact (required) - New permissions/capabilities? (`Yes/No`) - Secrets/tokens handling changed? (`Yes/No`) - New/changed network calls? (`Yes/No`) - Command/tool execution surface changed? (`Yes/No`) - Data access scope changed? (`Yes/No`) - If any `Yes`, explain risk + mitigation: ## Repro + Verification ### Environment - OS: - Runtime/container: - Model/provider: - Integration/channel (if any): - Relevant config (redacted): ### Steps 1. 2. 3. ### Expected - ### Actual - ## Evidence Attach at least one: - [ ] Failing test/log before + passing after - [ ] Trace/log snippets - [ ] Screenshot/recording - [ ] Perf numbers (if relevant) ## Human Verification (required) What you personally verified (not just CI), and how: - Verified scenarios: - Edge cases checked: - What you did **not** verify: ## Compatibility / Migration - Backward compatible? (`Yes/No`) - Config/env changes? (`Yes/No`) - Migration needed? (`Yes/No`) - If yes, exact upgrade steps: ## Failure Recovery (if this breaks) - How to disable/revert this change quickly: - Files/config to restore: - Known bad symptoms reviewers should watch for: ## Risks and Mitigations List only real risks for this PR. Add/remove entries as needed. If none, write `None`. - Risk: - Mitigation: <!-- greptile_comment --> <h3>Greptile Summary</h3> This large PR bundles multiple unrelated changes under the title "fixed stacy voice": a default ElevenLabs voice ID change (Rachel `21m00Tcm4TlvDq8ikWAM` replaces `pMsXgVXv3BLzUgSXRplE`), new unauthenticated `/api/media/` file-serving endpoints in the gateway HTTP server, a new `"block"` DM access-control policy, fallback inbound message deduplication, audio playback UI in the chat dashboard, Windows build compatibility fixes (`shell: true`, `npx` instead of `pnpm exec`), a `OPENCLAW_SKIP_BUILD` env flag, and several committed build debug logs. - **Build artifacts committed**: `build_check.txt`, `build_check_final.txt`, `build_log.txt`, `build_log_2.txt`, `build_log_4.txt` contain local filesystem paths (`C:\Users\cc\...`) and should not be in the repository. These should be removed and added to `.gitignore`. - **Security concerns in media endpoints**: The `/api/media/by-path` handler has a double URL-decoding issue (`URLSearchParams.get` + explicit `decodeURIComponent`) and runs `statSync` on attacker-controlled paths before the confinement check, creating a file-existence oracle. Prior review threads flagged the lack of authentication, `startsWith` prefix bypass, and fragile traversal sanitization — those remain unresolved. - **PR scope**: The PR description template is entirely blank — no problem statement, change type, security impact assessment, or verification steps are documented despite significant security-surface changes (new unauthenticated endpoints, new access-control policy). This makes review harder and violates the PR template's intent. - **Missing tests**: No tests were added for the new `"block"` DM policy, the fallback dedupe logic, or the media-serving endpoints. <h3>Confidence Score: 1/5</h3> - This PR introduces unauthenticated file-serving endpoints with security issues and commits build artifacts; it should not be merged as-is. - Score of 1 reflects: (1) unauthenticated media endpoints with a file-existence oracle and double-decode bug, (2) five build log files committed with local paths, (3) completely blank PR description despite security-surface changes, (4) no tests for new features (block policy, fallback dedupe, media serving), and (5) multiple previously-flagged security issues that remain unaddressed (auth bypass, startsWith prefix issue, fragile traversal sanitization). - `src/gateway/server-http.ts` needs the most attention — it introduces unauthenticated file-serving with multiple security issues. The committed build logs (`build_check.txt`, `build_check_final.txt`, `build_log.txt`, `build_log_2.txt`, `build_log_4.txt`) should be removed entirely. _{Last reviewed commit: 4e9566b} <!-- greptile_other_comments_section --> <!-- /greptile_comment -->